These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Technology Lab

 
  • Topic is locked indefinitely.
12Next page
 

SECURITY ALERT www.uddm.info

Author
Coyote Laughing
#1 - 2012-03-14 18:39:58 UTC  |  Edited by: Coyote Laughing
I was sent a share in a company "Call to Glory".

Upon trying to contact "Light's Administrator" I found it had a 1 million ISK communication charge.

At that point, I assumed the person was merely anti-social.

Looking that their corporate information, I used the in-game web browser to open their web site www.uddm.info

At which point I was asked by my computer to trust that site.

I cancelled the browser and quit eve immediately.

Upon scanning, I found over 20 tracking cookies had still be inserted into my computer and I suspect there was an attempted shell script incursion.

When I tried to tell as many people as possible, the following email was sent to me and I was blocked from sending 1 line to each system I came across - which is far less an offense than the people sitting in the market hubs do every day.

I trust that you will file petitions and escalate them until CCP does the right thing and remove this person from any position of responsibility.


Spamming public channels
From: GM Radiance
Sent: 2012.03.14 18:01
To: Coyote Laughing,

Spamming public channels is very annoying for other citizens of the EVE universe. Cease this activity at once, or face further repercussions.

l8r \o/

Coyote Laughing
#2 - 2012-03-14 18:44:53 UTC  |  Edited by: Coyote Laughing
I would also point out that a door when opened can swing both ways.

When you threaten repercussions, be sure of your facts before acting.

PS - I will be saving this website as proof that it has not been tampered with.

l8r \o/

malaire
#3 - 2012-03-14 19:04:00 UTC  |  Edited by: malaire
> Upon trying to contact "Light's Administrator" I found it had a 1 million ISK communication charge.

Normal.

> At which point I was asked by my computer to trust that site.

Normal.

> I cancelled the browser and quit eve immediately.

Why ???

> Upon scanning, I found over 20 tracking cookies had still be inserted into my computer

Cookies are harmless.

> and I suspect there was an attempted shell script incursion.

erm.. what? Any proof?

> When I tried to tell as many people as possible, ...

So you started spamming and got warning.

New to EVE? Don't forget to read: The Manual * The Wiki * The Career Options * and everything else

Morganta
The Greater Goon
Clockwork Pineapple
#4 - 2012-03-14 19:28:04 UTC
so you're offended by the default service charge for communications?
have you turned yours off?

cookies is how the web works

proof or its simple slander

obviously the GMs see it as slander so you got muted.

also enjoy your ban for posting GM/mod communications on the forum

off to a great start, you even managed to crosspost., you should run a mining bot and scam in the recruitment channel so you can have a reputation for breaking every rule in eve in one day
Coyote Laughing
#5 - 2012-03-14 20:02:02 UTC  |  Edited by: Coyote Laughing
Morganta wrote:
so you're offended by the default service charge for communications?
have you turned yours off?

cookies is how the web works

proof or its simple slander

obviously the GMs see it as slander so you got muted.

also enjoy your ban for posting GM/mod communications on the forum

off to a great start, you even managed to crosspost., you should run a mining bot and scam in the recruitment channel so you can have a reputation for breaking every rule in eve in one day


1. The default is around 3k - not 1 Million. Mine is set to 0.
2. Harmful tracking cookies as determined by my virus scanner.
3. Suspected shell script insertion.... if they fail in the attempt, how would it leave proof? 3B - suspected, not slanderous.
4. A GM who obviously failed to check their facts first and sent an eve mail, rather than attempting to convo me as a I attempted my Paul Revere impersonation. Then acted without checking their facts.
5. Again, I do apologize for acting in haste. I have already covered this in my cross post.... no I appear to have circumvented a ban which will result in more bans..... I haven't been to bed yet and this day is only getting started.
6. As to the information revealed - what personal details other than the name of the GM is in there - even assuming that it is a unique employee name, I have no idea who they are, where they live, or any other private information.

l8r \o/

malaire
#6 - 2012-03-14 20:11:45 UTC
> 2. Harmful tracking cookies as determined by my virus scanner.

You don't seem to know much about virus scanners, many automatically mark cookies as "harmfull" because they can be used to track you - nothing else.

> 3. Suspected shell script insertion.... if they fail in the attempt, how would it leave proof? 3B - suspected, not slanderous.

Please tell more about this. You didn't say anything about why you suspected this.

> 4. A GM who obviously failed to check their facts first and sent an eve mail, rather than attempting to convo me as a I attempted my Paul Revere impersonation. Then acted without checking their facts.

You can allways report GM with petition if you really think they did something wrong.

> 6. As to the information revealed - what personal details other than the name of the GM is in there - even assuming that it is a unique employee name, I have no idea who they are, where they live, any any other "personal" information.

It's not about personal information (forum rule 8) but rule after that: "9. Private communication between the Game Masters, Eve Team members, moderators and administrators of the forum and the forum users is not to be made public on these forums or by any other venue."

New to EVE? Don't forget to read: The Manual * The Wiki * The Career Options * and everything else

Coyote Laughing
#7 - 2012-03-14 20:34:03 UTC  |  Edited by: Coyote Laughing
I supposed I could rules lawyer this all day, but put simply.....

Does what appears to be a "boilerplate" message actually contain any information not already in the public domain already?

I could ask other people what their warnings said, but isn't it supposed to be private and I have already screwed up enough as it is?

Was it generated automatically by a text matching script?

Even if this person exists, did they do any more than press "send"?

l8r \o/

Coyote Laughing
#8 - 2012-03-14 20:36:08 UTC
As to the shell script insertion issue.... why would the system ask if the web site can be made "trusted" unless it attempted to make changes to my computer?

l8r \o/

Aebe Amraen
Dreddit
Test Alliance Please Ignore
#9 - 2012-03-14 20:42:41 UTC
Go learn about how the IGB (in-game browser) works. Sites can request you to "trust" them, which allows them to hook into the game and provide services that would otherwise be impossible.
Coyote Laughing
#10 - 2012-03-14 20:48:09 UTC
"You can allways report GM with petition if you really think they did something wrong."

Well, if they can act that hastily to ban me, I am wondering where they have been last month?

How about those flooders in the market that repeat themselves - at least by moving systems they only had to hear it once.

Ok - somebody was heading to Jita at the same time...... I did try and apologize for that....

So I can file another petition to file a complaint about a petition that.... oh wait, I am only allowed two petitions.


l8r \o/

Coyote Laughing
#11 - 2012-03-14 20:51:15 UTC
Aebe Amraen wrote:
Go learn about how the IGB (in-game browser) works. Sites can request you to "trust" them, which allows them to hook into the game and provide services that would otherwise be impossible.


Yeah, except that I block plug-ins and services like that for a start..... so for it to attempt that means it was trying to bypass my security.

I would make my security settings higher, but then I would be looking at a blank screen and be unable to play Eve.

l8r \o/

Coyote Laughing
#12 - 2012-03-14 21:02:13 UTC  |  Edited by: Coyote Laughing
Oh wait, it looks like I will be looking at a blank screen and being unable to play eve.....

Maybe I should just shut up and and we can close this discussion before I make things any worse than they already are.

l8r \o/

Penitent Terona
Ministry of War
Amarr Empire
#13 - 2012-03-15 01:16:41 UTC
Coyote Laughing wrote:
Aebe Amraen wrote:
Go learn about how the IGB (in-game browser) works. Sites can request you to "trust" them, which allows them to hook into the game and provide services that would otherwise be impossible.


Yeah, except that I block plug-ins and services like that for a start..... so for it to attempt that means it was trying to bypass my security.

I would make my security settings higher, but then I would be looking at a blank screen and be unable to play Eve.


Except your in game browser doesn't have any options for you to block plugins and services. So no, for it to ask was to normal.
Louis Vitton
Viziam
Amarr Empire
#14 - 2012-03-15 02:57:53 UTC
Quote:


Spamming public channels
From: GM Radiance
Sent: 2012.03.14 18:01
To: Coyote Laughing,

Spamming public channels is very annoying for other citizens of the EVE universe. Cease this activity at once, or face further repercussions.


So i am guessing you dont know that its a breach of your EULA with CCP to post any comms from a GM !
malaire
#15 - 2012-03-15 07:59:13 UTC  |  Edited by: malaire
Coyote Laughing wrote:
As to the shell script insertion issue.... why would the system ask if the web site can be made "trusted" unless it attempted to make changes to my computer?

So in short you know nothing about how IGB (In Game Browser) works and started making accusations without any reason.

IGB offers websites single javascript call which can be used to request "trust". If you decide to trust website, then EVE will send extra information to that website, like your current ingame location. NOTHING ELSE. Website don't get any extra permissions to send anything to you.

This is completely normal and happens in many EVE websites. I think you can block that request per website, but other than that there is no options to block plugins/services in IGB.

And it wasn't "System" asking you to trust website, but EVE.

New to EVE? Don't forget to read: The Manual * The Wiki * The Career Options * and everything else

Peter Powers
Terrorists of Dimensions
#16 - 2012-03-15 08:57:39 UTC
i had a quick look at the side, didnt see any "shell script insertion".
the trust part is about being able to read information from your eve client, such as the system your ship is in (and a few others)

tracking cookies aren't something thats unusall at websites at all, infact they help whoever is running the website to determine who to optimize the website.

looking at the site you blame however i see they have adverts for adultfriendfinder in 'em, probably you got triggered by the tracking thats used for the adverts of that website.

3rdPartyEve.net - your catalogue for 3rd party applications

Karbowiak
Super Villains
Pandemic Horde
#17 - 2012-03-15 19:24:26 UTC
the stupidity in this thread is too delicious..

i can't not comment on it.. Cool
Austneal
Nero Fazione
#18 - 2012-03-16 14:03:13 UTC
9/10
GeekWarrior
S0utherN Comfort
#19 - 2012-03-16 16:03:08 UTC
You're an idiot that doesn't understand how HTTP cookies work. Stop jumping to conclusions.
Coyote Laughing
#20 - 2012-04-02 09:21:52 UTC
Okay - do something constructive and post me link to an article that explains it to a noob like me then.

I accept the mockery that I am due - but not trolling of somebody who doesn't know any better and couldn't contact somebody in customer support or their corporation to explain it, because they got their communications blocked.

l8r \o/

12Next page